In my humble opinion, passing session information in a URL is a bad idea. This could lead to social engineering attacks "paste your address to me" where people can then get the Session ID and thus manipulate the user's login. This is why cookies are the default.
In general, you are right. However, I doubt if this api use will happen often: the api is an advanced *programming* interface, and not meant for general client use ;). I assume Yuri wants to introduce it because many simple (and even many more advanced) http client libraries do not support cookies.
POST would probably work okay, though. But then, you'd have to use buttons to go anywhere on your site, and the code just starts becoming unmaintainable.
Well, again, no. For api use this could be used, as the client can just add post data. It's not necessary to browse the entire wiki using this system, only api.php has to accept it :)
--valhallasw